IT Reshoring News

Yahoo’s Breach of Trust

Yahoo's recent hack, and their very delayed announcement of it, is a scary example of what can happen when you offshore your IT. Data security is important for all of us.

Today’s Reshoring News isn’t strictly about companies who’ve sent their IT offshore. But it is a scary example of the security risks offshoring your IT can present.

Yahoo announced recently that it had a data breach. It caused an uproar—but not just because the breach put millions of users’ data in jeopardy. People are upset because Yahoo waited 18 MONTHS to announce the breach!

That’s over a year-and-a-half that Yahoo waited to inform users that they had been affected.

Hemant Bhargava, Professor of Technology Management at UC Davis, pegs the breach’s liability cost at between $25 and $200 per user. That might seem small, until you realize that we’re looking at 500 million users affected!

During the announcement, Yahoo recommended that users change their passwords and use caution when opening suspicious links moving forward.

Now, changing your password is always a good practice. We recommend doing so at least a few times per year.

However, doing so on an account compromised for two years won’t help the damage already done. Think of it like this:

This is about more than a hacker reading emails sent from a Yahoo account. Stealing over 500 million passwords has a ripple effect across the entire Internet. As one University of Pennsylvania security researcher described it, “Data breaches on the scale of Yahoo are the security equivalent of ecological disasters.”

Imagine that this same type of breach happened to Bank of America. Facebook. Or the U.S. Defense Department. Instead of passwords and phone numbers, imagine if the hackers had acquired routing numbers. Identity data. Backdoors into major datacenters.

See where we’re going? This is not simply about one company making a major mistake. This is about all of us needing to protect data before it gets stolen.

What You Can Do: Encourage Your Representatives to Enforce Strong Data Security

With more emphasis placed on data security, both in the private sector and in government, data like this becomes much safer for everyone. As a result of the Yahoo breach, Sen. Richard Blumenthal (D-Conn.) and others are actively pushing for a Congressional investigation.

Want to help? Contact Senator Blumenthal and his Congressional backers to show your support. We’ve made it easy. Just click this link, and an email will auto-populate. Just add your name and click Send.

Additionally, you can contact your state senator and urge strong data security practices. If we don’t all strive to keep data secure, lackadaisical approaches, as evidenced by Yahoo and other large companies, only encourage hackers.